|
251651
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The mm_init function in kernel/fork.c in the Linux kernel before 4.12.10 does not clear the ->exe_file member of a new process's mm_struct, allowing a local attacker to achieve a use-after-free or po…
|
CWE-416
Use After Free
|
CVE-2017-17052
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251652
|
7.8 |
HIGH
Local
|
tgsoft
|
vir.it_explorer
|
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730020 DeviceIoContr…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-17050
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251653
|
7.8 |
HIGH
Local
|
tgsoft
|
vir.it_explorer
|
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730010 DeviceIoContr…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-17049
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251654
|
6.5 |
MEDIUM
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that…
|
CWE-200
Information Exposure
|
CVE-2017-17046
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251655
|
8.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by lever…
|
CWE-416
Use After Free
|
CVE-2017-17045
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251656
|
6.5 |
MEDIUM
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors.
|
CWE-754
CWE-755
CWE-835
Improper Check for Unusual or Exceptional Conditions
Improper Handling of Exceptional Conditions
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-17044
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251657
|
6.1 |
MEDIUM
Network
|
zitec
|
emag_marketplace_connector
|
The Emag Marketplace Connector plugin 1.0.0 for WordPress has reflected XSS because the parameter "post" to /wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php is not filt…
|
CWE-79
Cross-site Scripting
|
CVE-2017-17043
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251658
|
7.5 |
HIGH
Network
|
yardoc
|
yard
|
lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitr…
|
CWE-22
Path Traversal
|
CVE-2017-17042
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251659
|
5.5 |
MEDIUM
Local
|
kmplayer
|
kmplayer
|
KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service via a crafted NSV file.
|
CWE-20
Improper Input Validation
|
CVE-2017-16952
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251660
|
5.5 |
MEDIUM
Local
|
audiovalley
|
winamp_pro
|
Winamp Pro 5.66 Build 3512 allows remote attackers to cause a denial of service via a crafted WAV, WMV, AU, ASF, AIFF, or AIF file.
|
CWE-20
Improper Input Validation
|
CVE-2017-16951
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
